[FFmpeg-devel] [PATCH] lavc/vvc: Fix assertion bound on qPy_{a, b}
Nuo Mi
nuomi2021 at gmail.com
Sun Aug 25 17:14:31 EEST 2024
On Sun, Aug 25, 2024 at 8:00 PM Nicolas George <george at nsup.org> wrote:
> Nuo Mi (12024-08-25):
> > Thank you for the patch.
> > Perhaps we can consider removing the assert, as other processes
> guarantee
> > the range, correct?"
>
> Uh, what?!?
>
> The point of an assert is precisely to check that the “other processes”
> that are supposed to guarantee something are really doing it.
>
> What happens if a bug is introduced in these “other processes” that lets
> invalid value fall through?
>
> With the assert, the code crashes immediately.
>
> Without the assert, it causes a memory corruption, leading to silent
> corruption of data or exploitable security issue.
>
> Leave the asserts. Add asserts where there are none.
>
Hi Nicolas,
Thank you for the feedback.
assert0 will cause a released program to crash, and we have a task to
remove assert0 in the VVC decoder.
However, you're right that assert2 is intended for debugging purposes.
If you prefer, we can keep the original version.
>
> Regards,
>
> --
> Nicolas George
> _______________________________________________
> ffmpeg-devel mailing list
> ffmpeg-devel at ffmpeg.org
> https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
>
> To unsubscribe, visit link above, or email
> ffmpeg-devel-request at ffmpeg.org with subject "unsubscribe".
>
More information about the ffmpeg-devel
mailing list